Account security
- Two-factor authentication: email codes or an authenticator app (TOTP)
- One-time recovery codes for account restoration
- Session management with login history, visible to each user
- Rate limiting and honeypot protection on public forms
Security
Everything on this page ships in the platform today or is standard practice in our managed hosting. Nothing aspirational, nothing vague.
Procurement & review
IT reviews are welcome. During evaluation we’ll walk your team through authentication flows, the audit log, data-export tooling, and our hosting practices — on a live instance, not a slideshow. Accessibility matters too: the platform was rebuilt against WCAG 2.1 AA in 2026.
Bring them to a technical walkthrough — we answer on the live platform.